William & Mary Law Review
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
William & Mary Law Review
Volume 62 (2020-2021) Article 2
Issue 6
5-2021
A New Compact for Sexual Privacy
Danielle Keats Citron
Follow this and additional works at: https://scholarship.law.wm.edu/wmlr
Part of the Law and Society Commons, and the Privacy Law Commons
Repository Citation
Danielle Keats Citron, A New Compact for Sexual Privacy, 62 Wm. & Mary L. Rev. 1763 (2021),
https://scholarship.law.wm.edu/wmlr/vol62/iss6/2
Copyright c 2021 by the authors. This article is brought to you by the William & Mary Law School Scholarship
Repository.
https://scholarship.law.wm.edu/wmlrWilliam & Mary
Law Review
VOLUME 62 NO. 6, 2021
A NEW COMPACT FOR SEXUAL PRIVACY
DANIELLE KEATS CITRON*
ABSTRACT
Intimate life is under constant surveillance. Firms track people’s
periods, hot flashes, abortions, sexual assaults, sex toy use, sexual
fantasies, and nude photos. Individuals hardly appreciate the extent
of the monitoring, and even if they did, little could be done to curtail
* Jefferson Scholars Foundation Schenck Distinguished Professor in Law, University
of Virginia School of Law; Vice President, Cyber Civil Rights Initiative; 2019 MacArthur
Fellow. I am grateful to William & Mary Law School for inviting me to give the George Wythe
Lecture, to faculty and students for their thoughtful comments, and to the Law Review
(especially Geoffrey Cannon and his fellow editors) for superb suggestions. Ryan Calo,
Woodrow Hartzog, Mary Anne Franks, Neil Richards, Ari Waldman, Alan Butler, Sara Cable,
Kris Collins, Jennifer Daskal, John Davisson, Hany Farid, Ahmed Ghappour, Rebecca Green,
Debbie Hellman, Laura Heymann, Joe Jerome, Cameron Kerry, Ryan Kriger, Gary Lawson,
Tiffany Li, Linda McClain, Mike Meuer, Luis Alberto Montezuma, Jeanine Morris-Rush,
Nancy Moore, Nate Oman, David Rossman, Andrew Selbst, David Seipp, Kate Silbaugh,
Jessica Silbey, Noah Stein, Peter Swire, and David Webber provided helpful advice. Boston
University Journal of Science & Technology Law kindly asked me to present this paper as the
keynote of its 2019 data privacy symposium. Matt Atha, Rebecca Gutterman, Caroline
Hopland, and Julia Schur went above and beyond as research assistants. Tyler Gabrielski
was a constant help. The MacArthur Foundation graciously supported this work. I am
especially grateful to Dean Risa Goluboff and Vice Dean Leslie Kendrick of the University of
Virginia School of Law for their encouragement and insights.
17631764 WILLIAM & MARY LAW REVIEW [Vol. 62:1763 it. What is big business for firms is a big risk for individuals. Corporate intimate surveillance undermines sexual privacy—the social norms that manage access to, and information about, human bodies, sex, sexuality, gender, and sexual and reproductive health. At stake is sexual autonomy, self-expression, dignity, intimacy, and equality. So are people’s jobs, housing, insurance, and other life opportunities. Women and minorities shoulder a disproportionate amount of that burden. Privacy law is failing us. Not only is the private sector’s handling of intimate information largely unrestrained by American consumer protection law, but it is treated as inevitable and valuable. This Article offers a new compact for sexual privacy. Reform efforts should focus on stemming the tidal wave of collection, restricting uses of intimate data, and expanding the remedies available in court to include orders to stop processing intimate data.
2021] A NEW COMPACT FOR SEXUAL PRIVACY 1765
TABLE OF CONTENTS
INTRODUCTION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1766
I. UNDERSTANDING PRIVATE-SECTOR SURVEILLANCE OF
INTIMATE LIFE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1773
A. Cataloging First-Party Collection . . . . . . . . . . . . . . . . . . 1773
1. Our Bodies: Our Sexual and Reproductive
Health . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1774
2. Adult Sites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1778
3. Dating Apps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1779
4. Personal Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1782
B. Surveying Third-Party Collection . . . . . . . . . . . . . . . . . . 1785
1. The Data Hand Off: Advertising and Analytics . . . . . 1785
2. Data Brokers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1788
3. Cyber Stalking Apps. . . . . . . . . . . . . . . . . . . . . . . . . . . 1790
4. Purveyors of Nonconsensual (Sometimes Fake)
Porn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1791
II. ASSESSING THE DAMAGE AND LAW’S RESPONSE . . . . . . . . . . 1792
A. Undermining the Values Secured by Sexual
Privacy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1792
B. Surveying the Damage. . . . . . . . . . . . . . . . . . . . . . . . . . . 1800
C. Understanding the Legal Landscape . . . . . . . . . . . . . . . 1804
1. Privacy Legislation. . . . . . . . . . . . . . . . . . . . . . . . . . . . 1804
2. Privacy Policy Making of Law Enforcers . . . . . . . . . . 1807
3. Private Suits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1812
4. Criminal Law . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1814
III. REIMAGINING PROTECTIONS FOR INTIMATE
INFORMATION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1816
A. Special Protections for Intimate Information . . . . . . . . . 1817
1. Limits on Collection . . . . . . . . . . . . . . . . . . . . . . . . . . . 1818
2. Use Restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1824
3. Remedies: Halt Processing and the Data Death
Penalty . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1826
B. Objections. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1829
1. Market. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1830
2. Free Speech . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1831
CONCLUSION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18381766 WILLIAM & MARY LAW REVIEW [Vol. 62:1763
INTRODUCTION
Intimate life is under constant surveillance. Apps memorialize
people’s menstruation cycles, fertility, and sexually transmitted
infections.1 Advertisers and analytics firms track searches and
browsing on adult sites.2 Sex toys monitor the frequency and inten-
sity of their owners’ use.3 Digital assistants record, transcribe, and
store conversations in bedrooms and bathrooms.4
In some contexts, people enter into relationships with the firms
tracking their intimate lives.5 This is true when individuals sub-
scribe to dating apps or purchase digital assistants.6 In other
contexts, people have no connection with the firms handling their
intimate data. Data brokers, cyber stalking apps, and sites devoted
to nonconsensual pornography and deep fake sex videos come to
mind.7
1. No Body’s Business but Mine: How Menstruation Apps Are Sharing Your Data, PRIV.
INT’L (Oct. 7, 2020), https://privacyinternational.org/long-read/3196/no-bodys-business-mine-
how-menstruations-apps-are-sharing-your-data [https://perma.cc/6TMH-2CRU].
2. See Elena Maris, Timothy Libert & Jennifer R. Henrichsen, Tracking Sex: The
Implications of Widespread Sexual Data Leakage and Tracking on Porn Websites, 22 NEW
MEDIA & SOC’Y 2018, 2025-26 (2020).
3. Steven Musil, Internet-Connected Vibrator Connects with Privacy Lawsuit, CNET
(Sept. 13, 2016, 4:15 PM), https://www.cnet.com/news/internet-connected-vibrator-we-vibe-
lawsuit-privacy-data/ [https://perma.cc/XK9Y-H4X9].
4. Jennings Brown, The Amazon Alexa Eavesdropping Nightmare Came True, GIZMODO
(Dec. 20, 2018, 11:24 AM), https://gizmodo.com/the-amazon-alexa-eavesdropping-nightmare-
came-true-1831231490 [https://perma.cc/J6T7-ZXTT].
5. See, e.g., Thomas Germain, How Private Is Your Online Dating Data?, CONSUMER
REPS. (Sept. 21, 2019), https://www.consumerreports.org/privacy/how-private-is-your-online-
dating-data/ [https://perma.cc/MF52-4ENF]. They use online services that facilitate testing
for sexually transmitted infections and share the results with prospective partners. Kimberly
M. Aquiliana, STD Testing? Yeah, There Is an App for That, METRO (June 5, 2017),
https://www.metro.us/std-testing-yeah-theres-an-app-for-that/ [https://perma.cc/9UUM-
DVPA].
6. For instance, people subscribe to dating apps that record their sexual preferences and
favorite positions, interest in threesomes, HIV status, and hookups. See Azeen Ghorayshi &
Sri Ray, Grindr Is Letting Other Companies See User HIV Status and Location Data,
BUZZFEED NEWS (Apr. 2, 2018, 11:13 PM), https://www.buzzfeednews.com/article/azeenghoray
shi/grindr-hiv-status-privacy [https://perma.cc/3PHU-5UH2]; Makena Kelly & Nick Statt,
Amazon Confirms It Holds on to Alexa Data Even if You Delete Audio Files, VERGE (July 3,
2019, 4:14 PM), https://www.theverge.com/2019/7/3/20681423/amazon-alexa-echo-chris-coons-
data-transcripts-recording-privacy [https://perma.cc/C6VQ-YWUR].
7. See Kashmir Hill, Data Broker Was Selling Lists of Rape Victims, Alcoholics, and2021] A NEW COMPACT FOR SEXUAL PRIVACY 1767
Whether anticipated and expected or unknown and unwanted by
individuals, the tracking of intimate information is poised for
explosive growth. Profits drive what I have previously described as
the “collection imperative.”8 For instance, analysts predict that with-
in five years, the “femtech market”—menstruation, fertility, and
sexual wellness apps—will be a $50 billion industry.9
Personal data is the coin of the realm for our everyday products
and services.10 At some level, people understand that online services
are not actually free.11 But the firms intentionally structure the deal
in a manner that obscures its lopsided nature. Individual consumers
cannot fully grasp the potential risks, and few options exist for those
who do (beyond not using the service).12 Firms have every incentive
to reinforce the status quo, from which they earn considerable
profits.13
The surveillance of intimate life garners significant returns with
little risk for businesses.14 The opposite is true for individuals.15 The
‘Erectile Dysfunction Sufferers,’ FORBES (Dec. 19, 2013, 3:40 PM), https://www.forbes.com/
sites/kashmirhill/2013/12/19/data-broker-was-selling-lists-of-rape-alcoholism-and-erectile-
dysfunction-sufferers/#42acebdb1d53 [https://perma.cc/9HWM-FED4]; Lorenzo Franceschi-
Bicchierai & Joseph Cox, Inside the ‘Stalkerware’ Surveillance Market, Where Ordinary People
Tap Each Other’s Phones, VICE: MOTHERBOARD (Apr. 18, 2017, 8:01 AM), https://www.vice.
com/en/article/53vm7n/inside-stalkerware-surveillance-market-flexispy-retina-x [https://
perma.cc/JPB3-QYXH]; Danielle Keats Citron, Spying Inc., 72 WASH. & LEE L. REV. 1243,
1244-47 (2015) [hereinafter Citron, Spying Inc.]; Danielle Keats Citron, Sexual Privacy, 128
YALE L.J. 1870, 1917-18 (2019) [hereinafter Citron, Sexual Privacy].
8. Danielle Keats Citron, A Poor Mother’s Right to Privacy: A Review, 98 B.U. L. REV.
1139, 1141 (2018) [hereinafter Citron, A Poor Mother’s Right to Privacy].
9. Drew Harwell, Is Your Pregnancy App Sharing Your Intimate Data with Your Boss?,
WASH. POST (Apr. 10, 2019, 3:11 PM) (internal quotation marks omitted), https://www.wash
ingtonpost.com/technology/2019/04/10/tracking-your-pregnancy-an-app-may-be-more-public-
than-you-think/ [https://perma.cc/G5B9-9NKQ].
10. Chris Jay Hoofnagle & Jan Whittington, Free: Accounting for the Costs of the Internet’s
Most Popular Price, 61 UCLA L. REV. 606, 608-10 (2014).
11. See SHOSHANA ZUBOFF, THE AGE OF SURVEILLANCE CAPITALISM: THE FIGHT FOR A
HUMAN FUTURE AT THE NEW FRONTIER OF POWER 10-11 (2019); JULIE E. COHEN, BETWEEN
TRUTH AND POWER: THE LEGAL CONSTRUCTIONS OF INFORMATIONAL CAPITALISM 44-46 (2019).
12. See Hoofnagle & Whittington, supra note 10, at 635-36, 640-41.
13. See Neil Richards & Woodrow Hartzog, A Duty of Loyalty for Privacy Law 9 (July 28,
2020) (unpublished manuscript), https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3642217
[https://perma.cc/ACL8-GD5E].
14. This pattern happens across the economy but is particularly problematic when it
comes to sexual privacy, as I explore throughout this Article.
15. See STIGLER COMM. ON DIGIT. PLATFORMS, STIGLER CTR. STUDY OF ECON. & STATE,
FINAL REPORT 11-12 (2019), https://www.chicagobooth.edu/research/stigler/news-and-media/1768 WILLIAM & MARY LAW REVIEW [Vol. 62:1763
private sector’s collection, use, storage, and disclosure of intimate
information undermines what I have elsewhere called “sexual
privacy” and “intimate privacy”—the ways people manage the
boundaries around intimate life.16 Sexual (or intimate) privacy
concerns information about, and access to, the body, particularly the
parts of the body associated with sex, gender, sexuality, and repro-
duction.17 It concerns information about, and access to, people’s sex
and gender; their sexual activities and interactions; their innermost
thoughts, desires, and fantasies; and their sexual and reproductive
health.18 This includes on- and offline activities, interactions,
communications, thoughts, and searches.19 It concerns information
about the decisions that people make about their intimate lives.20
This Article focuses on the collection, use, storage, and disclosure
of information about sexual privacy, a crucial subset of sexual
privacy. I will use the terms “intimate information” and “intimate
data” interchangeably to refer to the subject matter of this piece:
information about our bodies and health; our sexuality, gender, and
sex; and our close relationships.
Maintaining and protecting the privacy of intimate information
is foundational for interlocking interests, all of which are essential
for us to flourish as human beings.21 Privacy-afforded intimate
information enables identity- and self-development. It frees us to let
our guards down and engage in sexual and gender experimentation
and expression, alone or with trusted others (including com-
panies).22 It gives us sexual autonomy. Intimate or sexual privacy
also protects our dignity, enabling us to enjoy self-esteem and social
respect. Then, too, it frees us to form close intimate relationships
committee-on-digital-platforms-final-report [https://perma.cc/V6BM-JJM7] (“Firms that
collect and process private information do not internalize the harms associated with consumer
privacy and security breaches. Nor do they internalize negative externalities, or potential
misuses of data that impact people who are not their own consumers.”).
16. See Citron, Sexual Privacy, supra note 7, at 1874-75, 1880-81.
17. Id. at 1874.
18. Id.
19. See id.
20. Id.
21. See id. at 1883-85.
22. See id. Sexual privacy protects the ability of people to be sexual on their own terms,
including being asexual. See id.2021] A NEW COMPACT FOR SEXUAL PRIVACY 1769
with friends, lovers, and family members.23 As Charles Fried said
long ago, privacy is the precondition for love and intimacy.24 And,
lastly, it secures equal opportunity.25
Our digital services and products could be built to protect our
sexual privacy and the experimentation, expression, and intimacy
that it makes possible. They could, but they are not. Why? Simply
put, privacy is not profitable. For individuals, the costs are signifi-
cant, though we do not have a real chance to understand the extent
of the damage. Private-sector surveillance of intimate information
strips individuals of the ability to decide who learns about their
miscarriages, breakups, HIV infections, and sexual assaults, now
and long into the future. It undermines people’s self-esteem as they
see themselves as intimate parts and not as whole selves.26 When
companies categorize and rate people as rape sufferers or escort
users and nothing more, they give those individuals fractured
identities.27 People’s self-expression and association are chilled.28
Fearful of unwanted surveillance, people stop using dating apps,
fertility trackers, or digital assistants.29 They refrain from browsing
sites devoted to gender experimentation, sexuality, and reproductive
health.30
The damage may be hard for us to grasp as it is happening, but
it is no less profound or real. Intimate data reveals people’s physical
and emotional vulnerabilities, which firms exploit to their advan-
tage.31 When intimate data is leaked or disclosed to hackers and
criminals, individuals have an increased risk of reputational ruin,
blackmail, and extortion.32 When commercial hiring companies use
23. See id. See generally DANIELLE KEATS CITRON, HATE CRIMES IN CYBERSPACE 193-95
(2014) [hereinafter CITRON, HATE CRIMES IN CYBERSPACE].
24. See Charles Fried, Privacy, 77 YALE L.J. 475, 477-78 (1968).
25. Citron, Sexual Privacy, supra note 7, at 1883-85.
26. See id. at 1886.
27. See id.
28. See CITRON, HATE CRIMES IN CYBERSPACE, supra note 23, at 193-95.
29. See Jonathon W. Penney, Internet Surveillance, Regulation, and Chilling Effects
Online: A Comparative Case Study, INTERNET POL’Y REV., May 26, 2017, at 13 [hereinafter
Penney, Case Study].
30. See id. at 8-13.
31. See infra Part II.A.
32. Daniel J. Solove & Danielle Keats Citron, Risk and Anxiety: A Theory of Data-Breach
Harms, 96 TEX. L. REV. 737, 744-45 (2018); Kate Fazzini, Ashley Madison Cyber-Breach: 5
Years Later, Users Are Being Targeted with ‘Sextortion’ Scams, CNBC (Jan. 31, 2020, 9:251770 WILLIAM & MARY LAW REVIEW [Vol. 62:1763
intimate data to mine, rank, and rate candidates, people may be
unfairly excluded from employment opportunities.33 People’s
insurance rates may rise because algorithms predict their need for
expensive fertility treatments or gender confirmation surgeries.34
These risks are not evenly distributed across society. Women and
marginalized communities disproportionately bear the burden of
private-sector surveillance of intimate life.35 Given the way that
demeaning stereotypes work, intimate data will more often be used
to disadvantage women, sexual minorities, and racial minorities
rather than heterosexual white men.36 The femtech market will
surely have a disproportionate impact on women in healthcare,
employment, and insurance decisions.37 The majority of people
appearing on sites devoted to revenge porn and deep fake sex videos
are women and minorities.38 For people with intersecting margin-
alized identities, the harm is compounded.39 The denial of equal
opportunity in the wake of sexual privacy invasions is why I called
for the recognition of “cyber civil rights” more than a decade ago.40
AM), https://www.cnbc.com/2020/01/31/ashley-madison-breach-from-2015-being-used-in-sextor
tion-scams.html [https://perma.cc/WLN2-J7F2].
33. See Ifeoma Ajunwa & Daniel Greene, Platforms at Work: Automated Hiring Platforms
and Other New Intermediaries in the Organization of Work, in 33 RESEARCH IN THE SOCIOLOGY
OF WORK, WORK AND LABOR IN THE DIGITAL AGE 61, 79 (Steven P. Vallas & Anne Kovalainen
eds., 2019). See generally Marie Hicks, Hacking the Cis-tem: Transgender Citizens and the
Early Digital State, 41 IEEE ANNALS HIST. COMPUTING 20, 28 (2019); SAFIYA UMOJA NOBLE,
ALGORITHMS OF OPPRESSION: HOW SEARCH ENGINES REINFORCE RACISM 123-25 (2018).
34. Jaden Urbi, Some Transgender Drivers Are Being Kicked Off Uber’s App, CNBC (Aug.
13, 2018, 9:21 AM), https://www.cnbc.com/2018/08/08/transgender-uber-driver-suspended-
tech-oversight-facial-recognition.html [https://perma.cc/4X59-3T3W]; SARAH MYERS WEST,
MEREDITH WHITTAKER & KATE CRAWFORD, AI NOW INSTITUTE, DISCRIMINATING SYSTEMS:
GENDER, RACE, AND POWER IN AI 17-18 (2019), https://ainowinstitute.org/discriminatingsys
tems.pdf [https://perma.cc/5JD9-VS57].
35. See Citron, Sexual Privacy, supra note 7, at 1928.
36. Id.; CITRON, HATE CRIMES IN CYBERSPACE, supra note 23, at 9-17.
37. As suggested above, this is the direct result of the data collection campaigns of
femtech companies.
38. See Citron, Sexual Privacy, supra note 7, at 1919-20, 1924.
39. See Mary Anne Franks, Democratic Surveillance, 30 HARV. J.L. & TECH. 425, 464
(2017); see also Citron, Sexual Privacy, supra note 7, at 1892-93; Joy Buolamwini & Timnit
Gebru, Gender Shades: Intersectional Accuracy Disparities in Commercial Gender
Classification, 81 PROC. MACH. LEARNING RSCH. 77, 88 (2018).
40. See Danielle Keats Citron, Cyber Civil Rights, 89 B.U. L. REV. 61, 84-85 (2009)
[hereinafter Citron, Cyber Civil Rights].2021] A NEW COMPACT FOR SEXUAL PRIVACY 1771
Despite the enormity of these potential harms, intimate informa-
tion lacks meaningful legal protection. American law generally
treats privacy as a consumer protection matter. It focuses on
policing firms’ notice to consumers about their data practices and
any deception associated with those practices.41 For the most part,
the collection, use, storage, and sharing of intimate data are enabled
by this approach rather than restricted by it.42 Tracking intimate
data is not just permissible. It is viewed as beneficial.43 But the
truth of the matter is that human flourishing is being impaired, not
secured.
This Article offers a new compact for the protection of intimate
information. As a start, we need to revise our understanding of the
privacy afforded to intimate life. Treating sexual privacy as a
consumer protection problem underestimates the interests at stake.
The surveillance of intimate life matters—not just because firms fail
to provide notice or engage in deceptive practices but also because
they undermine autonomy, dignity, intimacy, and equality. It
matters because people’s crucial life opportunities, including
employment, education, housing, insurance, professional certifica-
tion, and self-expression, are on the line. It matters because our core
capabilities hang in the balance.
All personal data needs protection, but even more so for intimate
information.44 Intimate information should not be collected or
processed without meaningful consent—knowing, voluntary, and
exceptional. Firms should not use intimate information to manipu-
late people to act against their interests. Firms should have robust
obligations of confidentiality, discretion, and loyalty when handling
intimate data. Available remedies should include injunctive relief
ordering firms to stop processing intimate data until legal commit-
ments are satisfied. Repeated violations can and should result in the
41. See, e.g., Richards & Hartzog, supra note 13, at 38, 40-41.
42. See id.
43. Julie E. Cohen, Turning Privacy Inside Out, 20 THEORETICAL INQUIRIES L. 1, 11 (2019)
(explaining that the collection and processing of personal data are “position[ed] ... as virtuous
and productive, and therefore ideally exempted from state control”).
44. See Paul Ohm, Sensitive Information, 88 S. CAL. L. REV. 1125, 1128-29 (2015); Danielle
Keats Citron, Reservoirs of Danger: The Evolution of Public and Private Law at the Dawn of
the Information Age, 80 S. CAL. L. REV. 241, 244-45 (2007) [hereinafter Citron, Reservoirs of
Danger].1772 WILLIAM & MARY LAW REVIEW [Vol. 62:1763
“data death penalty”—forbidding a firm’s handling of personal data
now and in the future.45 Given that with enough personal data we
can infer intimate information, all personal data deserves strong
protection.46
This Article has three parts. Part I provides a snapshot into the
corporate surveillance of intimate life. It categorizes the surveil-
lance into first- and third-party data collection. Part II highlights
the damage that corporate intimate surveillance causes to the
values that sexual privacy secures and the harm to human well-
being that it inflicts. It provides an overview of the legal landscape
and the extent to which law is failing us. Part III offers a plan of
action for the protection of intimate information. It provides guide-
posts for regulating the private sector’s surveillance of intimate
information, and it suggests affirmative obligations for firms and
additional remedies.
45. See infra Part III.A.3. Thanks to Woodrow Hartzog for suggesting the concept of the
“data death penalty” to describe stop processing orders.
46. There is terrific scholarship on the contours of strong baseline privacy protections. See
generally Neil Richards & Woodrow Hartzog, The Pathologies of Digital Consent, 96 WASH.
U. L. REV. 1461 (2019) [hereinafter Richards & Hartzog, Pathologies of Digital Consent];
Woodrow Hartzog, The Inadequate, Invaluable Fair Information Practices, 76 MD. L. REV. 952
(2017) [hereinafter Hartzog, Inadequate, Invaluable Fair Information Practices]; Neil Richards
& Woodrow Hartzog, Taking Trust Seriously in Privacy Law, 19 STAN. TECH. L. REV. 431
(2016); Woodrow Hartzog, The Case Against Idealising Control, 4 EUR. DATA PROT. L. REV. 423
(2018) [hereinafter Hartzog, The Case Against Idealising Control]; Richards & Hartzog, supra
note 13. Cameron Kerry has been thoughtfully exploring the various proposals for data
privacy reform at the federal level. See, e.g., Cameron F. Kerry, Protecting Privacy in an AI-
Driven World, BROOKINGS (Feb. 10, 2020), https://www.brookings.edu/research/protecting-
privacy-in-an-ai-driven-world/ [https://perma.cc/8J4T-VU8K]; Cameron Kerry, Data Collection
Standards in Privacy Legislation: Proposed Language, LAWFARE (Apr. 10, 2019, 11:20 AM),
https://www.lawfareblog.com/data-collection-standards-privacy-legislation-proposed-language
[https://perma.cc/6K7W-YL6X] [hereinafter Kerry, Proposed Language]; Cameron F. Kerry,
Op-Ed: A Federal Privacy Law Could Do Better than California’s, L.A. TIMES (Apr. 25, 2019,
3:05 AM), https://www.latimes.com/opinion/op-ed/la-oe-kerry-ccpa-data-privacy-laws-201904
25-story.html [https://perma.cc/QR6Y-MA69]; Cameron F. Kerry & John B. Morris, Jr., Why
Data Ownership Is the Wrong Approach to Protecting Privacy, BROOKINGS (June 26, 2019),
https://www.brookings.edu/blog/techtank/2019/06/26/why-data-ownership-is-the-wrong-
approach-to-protecting-privacy/ [https://perma.cc/QT9S-SNAD].2021] A NEW COMPACT FOR SEXUAL PRIVACY 1773
I. UNDERSTANDING PRIVATE-SECTOR SURVEILLANCE OF
INTIMATE LIFE
This Part gives us a glimpse of the private sector’s wide-ranging
surveillance of intimate life.47 First, Section A describes scenarios of
first-party collection—or instances in which people have relation-
ships with businesses collecting their intimate information. Then,
Section B gives examples of third-party collection—or instances in
which people lack a direct relationship with private entities han-
dling their intimate information. I use the concepts of first- and
third-party data collection to organize the varied commercial
scenarios in which intimate information is collected, processed,
used, and shared.48
A. Cataloging First-Party Collection
Businesses routinely gather intimate information directly from
individuals.49 First-party collection occurs on sites related to sexual
47. Karen Levy has a wonderful short symposium piece focusing on surveillance practices
in the home, often (though not always) involving consensual intimate partners. Karen E.C.
Levy, Intimate Surveillance, 51 IDAHO L. REV. 679 (2015). In that work, Professor Levy divides
intimate surveillance into three categories: dating, tracking intimate and romantic partners,
and fertility monitoring. Id. at 681-86. In this Article, I explore the collection, use, sharing,
and storage of information relating to all aspects of intimate life, including—but not limited
to—the home, building on my work on commercial databases of sensitive information, cyber
civil rights, nonconsensual pornography, cyber stalking apps, sexual privacy, and deep fakes.
See Citron, Reservoirs of Danger, supra note 44; Citron, Cyber Civil Rights, supra note 40;
Danielle Keats Citron & Mary Anne Franks, Criminalizing Revenge Porn, 49 WAKE FOREST
L. REV. 345 (2014); Danielle Keats Citron, Protecting Sexual Privacy in the Information Age,
in PRIVACY IN THE MODERN AGE 46 (Marc Rotenberg, Julia Horwitz & Jeramie Scott eds.,
2015); Citron, Spying Inc., supra note 7; Citron, Sexual Privacy, supra note 7; Danielle Keats
Citron, Why Sexual Privacy Matters for Trust, 96 WASH. U. L. REV. 1189 (2019) [hereinafter
Citron, Why Sexual Privacy Matters for Trust]; Bobby Chesney & Danielle Keats Citron, Deep
Fakes: A Looming Challenge for Privacy, Democracy, and National Security, 107 CALIF. L.
REV. 1753 (2019). I discuss first- and third-party data collection as a way to understand the
broad array of firms involved in collecting, using, sharing, and storing intimate information.
48. It is worth noting that while the very concept of first- and third-party data collection
makes those processes seem normal and routine, they are anything but. I am using those
shorthand references given their prevalence in public conversation.
49. See Levy, supra note 47, at 679-80.1774 WILLIAM & MARY LAW REVIEW [Vol. 62:1763
and reproductive health, porn sites, dating apps, and personal
devices.50
1. Our Bodies: Our Sexual and Reproductive Health
Countless websites and apps are devoted to the collection of
information about our bodies, including our sexual and reproductive
health. These sites and apps let people track their sex lives—
including when they had sex, with whom, whether they used
protection—and when they masturbate.51 Some platforms host
community forums where subscribers can connect with each other
to discuss their sex lives.52 Health apps let users track their sexual
activity.53 A start-up founded by five men claims that its app
developed an algorithm that identifies and proves female orgasms.54
Some sexual health start-ups are focused on men.55 For instance,
Ro sends erectile dysfunction drugs directly to consumers.56 Hims
provides treatments for male hair and sexual issues.57 Each firm
raised more than $80 million in financing.58
Far more extensive, however, is the tracking of women’s health.
The term “femtech” describes apps, services, products, and sites that
50. See Emma McGowan, How Tracking Your Sex Life Can Make It Better & 7 Apps to,
Uh, Do It with, BUSTLE (Jan. 9, 2020), https://www.bustle.com/p/tracking-your-sex-life-with-
apps-makes-it-super-easy-19779217 [https://perma.cc/RCL3-7HVX].
51. Id.
52. Id.
53. Lux Alptraum, Apple’s Health App Now Tracks Sexual Activity, and That’s a Big
Opportunity, VICE: MOTHERBOARD (Oct. 23, 2016, 1:00 PM), https://www.vice.com/en/article/
8q8kpk/apples-health-app-now-tracks-sexual-activityand-that-a-big-opportunity [https://
perma.cc/8QJT-VFSL].
54. See RELIDA LIMITED, https://www.relidalimited.com/ [https://perma.cc/4J5P-D427];
Rachel Moss, 5 Guys Created an Algorithm to ‘Validate the Female Orgasm’. It Went as Well
as You’d Expect, HUFFINGTON POST UK (June 12, 2020), https://www.huffingtonpost.co.uk/
entry/5-guys-created-an-algorithm-to-validate-the-female-orgasm-and-it-went-as-well-as-
youd-expect_uk_5ee0dc35c5b6cdc3fd432666 [https://perma.cc/CR5M-RV6V] (noting that
Relida Limited was founded by five men and that the company claimed on its website that the
app’s algorithm was created by a woman). After some bad publicity, the start-up’s website now
says that it is meant to measure orgasms of men and women. See RELINDA LIMITED, supra.
55. See Dana Olsen, This Year Is Setting Records for Femtech Funding, PITCHBOOK (Oct.
31, 2018), https://pitchbook.com/news/articles/this-year-is-setting-records-for-femtech-funding
[https://perma.cc/TC8G-RAK4].
56. Id.
57. Id.
58. Id.2021] A NEW COMPACT FOR SEXUAL PRIVACY 1775
collect information about women’s period cycles, fertility, pregnan-
cies, menopause, and sexual and reproductive histories.59 Nearly
one-third of women in the United States have used period-tracking
apps.60 Menstrual tracking apps “are the fourth most popular health
app among adults and the second most popular among adolescent
females.”61 The start-up Gennev provides a “free” online menopause
health assessment that “collects 72 data points—and nearly 35,000
women took it in 2019.”62 Menopause start-ups have raised more
than $250 million from 2009 to 2019.63 Overall, femtech start-ups
raised nearly $500 million in 2019 alone.64
Subscribers of menstrual tracking apps enter, among other
things, their weight, temperatures, moods, reading material, sexual
encounters, tampon use, alcohol consumption, cigarette and coffee
habits, bodily secretions, and birth control pills.65 Apple’s Health
59. Harwell, supra note 9.
60. Donna Rosato, What Your Period Tracker App Knows About You, CONSUMER REPS.
(Jan. 28, 2020), https://www.consumerreports.org/health-privacy/what-your-period-tracker-
app-knows-about-you/ [https://perma.cc/B6PN-A5UW]. There are also fertility apps that track
women’s menstrual cycles and pregnancy apps that monitor women’s habits, mood, fetal
movements, and more. See Vanessa Rizk & Dalia Othman, Quantifying Fertility and
Reproduction Through Mobile Apps: A Critical Overview, 22 ARROW FOR CHANGE 13, 13-14
(2016). Some apps, such as Glow, cover all aspects of fertility, including tracking women’s
cycles, fertility, pregnancy, and a baby’s development in the first year. E.g., Jerry Beilinson,
Glow Pregnancy App Exposed Women to Privacy Threats, Consumer Report Finds, CONSUMER
REPS. (Sept. 17, 2020), https://www.consumerreports.org/mobile-security-software/glow-
pregnancy-app-exposed-women-to-privacy-threats/ [https://perma.cc/AQK7-TZS6].
61. See Michelle L. Moglia, Henry V. Nguyen, Kathy Chyjek, Katherine T. Chen & Paula
M. Castaño, Evaluation of Smartphone Menstrual Cycle Tracking Applications Using an
Adapted APPLICATIONS Scoring System, 127 OBSTETRICS & GYNECOLOGY 1153, 1153 (2016)
(footnote omitted).
62. Eliza Haverstrock, Narrative Change: VCs Are Finally Ready to Talk About Meno-
pause, PITCHBOOK (May 28, 2020), https://pitchbook.com/news/articles/vc-menopause-femtech
[https://perma.cc/4K6C-SRB7].
63. Id.
64. Id.
65. See No Body’s Business but Mine, supra note 1. For instance, the app Clue goes further
and asks subscribers to track “not just [the] dates and details of periods and menstrual
cycles,” but also their discharge of cervical fluids, their use of medication, and their sex life,
injections, illnesses, and cervical position. See Sadaf Khan, Data Bleeding Everywhere: A Story
of Period Trackers, DEEP DIVES (June 7, 2019), https://deepdives.in/data-bleeding-everywhere-
a-story-of-period-trackers-8766dc6a1e00 [https://perma.cc/UD2K-PQXF]. The Ovia Fertility
app lets users indicate the consistency of their cervical discharge, from “egg whites, water, or
a bottle of school glue.” Id. Period-tracking apps are also marketed to people’s partners so that
they can manage their relationships around menstrual cycles. Levy, supra note 47, at 685-86
(discussing apps such as PMSTracker and iAmAMan, which enable subscribers to track1776 WILLIAM & MARY LAW REVIEW [Vol. 62:1763
app syncs with period and fertility tracking apps and allows sub-
scribers to track their sexual activity.66 The Flo app provides extra
features such as period predictions and health reports that can be
shared with doctors.67 Some services let subscribers obtain discounts
on products, such as tampons.68
Consider the Eve Glow app.69 Subscribers must record their sex
drive status with the following choices: “DO ME NOW,” “I’m down,”
or “MIA.”70 To complete their health log, subscribers must input
whether they orgasmed during sex.71 The app’s screen enables
subscribers to answer “YASSS,” “No,” or “Faked It.”72 They are
asked to indicate whether they are experiencing cramps, tender
breasts, or bloating.73
Femtech apps like Eve Glow host discussion boards where people
using the services talk to each other about their intimate lives,
including their experiences with sex, fertility, abortions, or miscar-
riages.74 A user of Eve Glow explained that she “kind of lose[s her]
inhibition because so many other women are talking about” their
intimate lives on the discussion boards.75 The apps track and store
those communications.76
Three million people use Glow’s suite of apps, which include Eve
Glow, Glow, Glow Nurture, and Glow Baby.77 The company is part
of HVF Labs, whose “objective is to take advantage of potential low
multiple women’s cycles and use multiple passwords to allow users to conceal their tracking
activity).
66. Alptraum, supra note 53. Some apps are exclusively designed to track people’s sexual
activity. For example, the BedPost app allows subscribers to track the names of sexual part-
ners, track the dates of sexual experiences, and rank those sexual experiences. See BEDPOST,
http://www.bedposted.com [https://perma.cc/2JAD-V8FL].
67. See Rosato, supra note 60.
68. Id.
69. EVE GLOW, https://glowing.com/apps [https://perma.cc/T99X-UD2V].
70. Khan, supra note 65. MIA presumably means “Missing In Action.”
71. Id.
72. Id.
73. Id.
74. See id.
75. Id.
76. Id.
77. See Natasha Felizi & Joana Varon, MENSTRUAPPS—How to Turn Your Period into
Money (for Others), CODING RIGHTS: CHUPADADOS, https://chupadados.codingrights.org/en/men
struapps-como-transformar-sua-menstruacao-em-dinheiro-para-os-outros/ [https://perma.cc/
NGJ2-3NFG].2021] A NEW COMPACT FOR SEXUAL PRIVACY 1777
cost sensors, the gradual increase in access to broadband, and the
high storage capacity to collect and explore data as a commodity.”78
Glow’s privacy policy says that the company may decide to share
information collected on the app with third parties to inform users
about goods and services including those conducting medical
research.79 Only some of the user data shared is “made anony-
mous.”80
Businesses pair health devices with apps to track individuals’
intimate data. Looncup, for instance, is poised to offer a smart
menstrual cup that records the volume and color of menstrual fluid
on its app, ostensibly for health benefits.81 Trackle links a vaginal
thermometer with an app measuring women’s inner temperature.82
Reproductive health apps market themselves as providing expert
advice.83 Yet many such apps—particularly those that are “free”—
are riddled with inaccurate information.84 In one study, researchers
evaluated 108 free menstrual cycle tracking apps and concluded
that more than 80 percent of them were “inaccurate, contain[ed]
misleading health information, or d[id] not function.”85
Femtech apps also have been prone to security problems. In 2016,
Consumer Reports found that anyone could access Glow subscribers’
health data, including the dates of abortions and sexual encounters,
if they had their email addresses.86 Flo was caught sending Face-
book subscribers’ information, including when they were trying to
conceive and having their periods.87
78. Id. (emphasis added) (internal quotation marks omitted).
79. Id.
80. Id.
81. See, e.g., LOONCUP—The World’s First SMART Menstrual Cup, KICKSTARTER,
https://www.kickstarter.com/projects/700989404/looncup-the-worlds-first-smart-menstrual-
cup [https://perma.cc/M7Q9-YZUW].
82. How Trackle Works, TRACKLE, https://trackle.de/en/about-trackle-2/how-trackle-works/
[https://perma.cc/34WJ-T5F9].
83. See, e.g., EVE GLOW, supra note 69.
84. See Moglia et al., supra note 61, at 1157.
85. Id.
86. Beilinson, supra note 60.
87. See Sam Schechner & Mark Secada, You Give Apps Sensitive Personal Information.
Then They Tell Facebook, WALL ST. J. (Feb. 22, 2019, 11:07 AM), https://www.wsj.com/articles/
you-give-apps-sensitive-personal-information-then-they-tell-facebook-11550851636 [https://
perma.cc/4BHA-BNZB]1778 WILLIAM & MARY LAW REVIEW [Vol. 62:1763
2. Adult Sites
Pornography sites collect and store a wealth of information about
people’s sexual interests, desires, and sexual practices.88 They track
people’s search queries, the time and frequency of their visits, and
private chats.89 The most popular free porn site, PornHub, reports
that some of the most searched terms on the site include “lesbian,”
“milf,” “step mom,” and “teen.”90 The very nature of some adult sites
reveals people’s sexual interests, such as bestiality or incest sites.91
Some specialty sites require members to provide email addresses,
passwords, and credit card information.92 A zoophilia forum accumu-
lated personal information for about 71,000 individuals, including
usernames, birth dates, and IP addresses.93 Rosebuttboard.com, a
forum dedicated to “extreme anal dilation and anal fisting,” re-
corded the personal information of 100,000 user accounts, including
the email addresses of military members and federal employees.94
Adult sites are some of the most popular sites online. They garner
more visitors a month than Amazon, Netflix, and Twitter
88. Maris et al., supra note 2, at 2019.
89. See id.
90. See The 2019 Year in Review, PORNHUB INSIGHTS (Dec. 11, 2019), https://www.
pornhub.com/insights/2019-year-in-review#searches [https://perma.cc/D3Y8-WHKD]; see also
Michael Castleman, Surprising New Data from the World’s Most Popular Porn Site, PSYCH.
TODAY (Mar. 15, 2018), https://www.psychologytoday.com/us/blog/all-about-sex/201803/surpris
ing-new-data-the-world-s-most-popular-porn-site [https://perma.cc/377Z-K8WQ].
91. Maris et al., supra note 2, at 2027.
92. Joseph Cox, Thousands of Bestiality Website Users Exposed in Hack, VICE: MOTHER-
BOARD (Mar. 29, 2018, 1:59 AM), https://www.vice.com/en_us/article/evqvpz/bestiality-website
hacked-troy-hunt-have-i-been-pwned [https://perma.cc/VY5W-3AUW] (explaining that hack
of bestiality site revealed more than 3,000 users’ email addresses as well as users’ password
hashes, birthdates, IP addresses, and private messages).
93. See Have I Been Pwned (@haveibeenpwned), TWITTER (Oct. 19, 2019, 5:25 PM), https://
twitter.com/haveibeenpwned/status/1185668262538838016 [https://perma.cc/8XDD-F34B].
Hackers exposed the personal details of the users of the bestiality site online. Waqas, Animal
Abuse Website Hacked; Thousands of Users Exposed, HACKREAD (Mar. 30, 2018), https://www.
hackread.com/animal-abuse-website-hacked-users-exposed/ [https://perma.cc/335L-5K8T].
94. Joseph Cox, Another Day, Another Hack: Is Your Fisting Site Updating Its Forum
Software?, VICE: MOTHERBOARD (May 10, 2016, 9:54 AM), https://www.vice.com/en_us/article/
qkjj4p/rosebuttboard-ip-board [https://perma.cc/8YKX-DYXT]; Jonathan Keane, Hack Shows
Government and Military Employees Used Their Email Addresses on Hardcore Fetish Site,
DIGIT. TRENDS (May 13, 2016), https://www.digitaltrends.com/computing/rosebutt-hack/
[https://perma.cc/9RDE-EDUN]; Troy Hunt (@troyhunt), TWITTER (May 10, 2016, 10:06 AM),
https://twitter.com/troyhunt/status/730036184651431937 [https://perma.cc/EMZ5-6SNF].2021] A NEW COMPACT FOR SEXUAL PRIVACY 1779
combined.95 In 2018, PornHub had 33.5 billion visits.96 It had an
average of 63,000 visitors per minute.97 In 2019, that number grew
to 80,000 visitors per minute.98
3. Dating Apps
Dating apps and services collect broad swaths of people’s intimate
information, including their names, photographs, occupations,
locations, relationship status, romantic or sexual interests, sexual
orientation, interest in extramarital affairs, and sexually transmit-
ted infections.99 Adults are not the only ones on dating apps;
teenagers also subscribe to Tinder, MeetMe, Hot or Not, MyLOL,
and Kik.100 Such sites are commonly used by LGBTQ youth who lack
supportive networks at school to connect with others.101
Simple behaviors on these apps and sites, such as how long a user
views a particular profile or image, can reveal the characteristics or
features that a person looks for in a romantic partner.102 Journalist
Judith Duportail discovered just how extensive her disclosures to
95. Maris et al., supra note 2, at 2019.
96. Digital Fingerprints: How the Porn You Watch May Be Watching You, FIGHT THE
NEW DRUG (Feb. 15, 2019), https://fightthenewdrug.org/how-your-porn-may-be-watching-you/
[https://perma.cc/L9N7-HFX4].
97. Can You Guess 2018’s Most-Viewed Categories on the Largest Porn Site?, FIGHT THE
NEW DRUG (July 9, 2019), https://fightthenewdrug.org/pornhub-visitors-in-2018-and-review-of-
top-searches/ [https://perma.cc/3STF-AV9J].
98. The 2019 Year in Review, supra note 90.
99. See Thomas Germain, How Private Is Your Online Dating Data?, CONSUMER REPS.
(Sept. 21, 2019), https://www.consumerreports.org/privacy/how-private-is-your-online-dating-
data/ [https://perma.cc/MF52-4ENF] (“You might never choose to share those thousands of
intimate facts with a friend or family member, but if you use dating apps, you are providing
the information to companies that will collect and retain every detail.”); see also Michael
Zimmer, OKCupid Study Reveals the Perils of Big-Data Science, WIRED (May 14, 2016, 7:00
AM), https://www.wired.com/2016/05/okcupid-study-reveals-perils-big-data-science/ [https://
perma.cc/DN53-CJRL]. It is worth noting the rise of dating intelligence apps like Lulu. This
app “allows women to anonymously review and rate men.” See Dating Intelligence App Lulu
Acquired by Badoo, PITCHBOOK (Feb. 10, 2016), https://pitchbook.com/newsletter/dating-
intelligence-app-lulu-acquired-by-badoo [https://perma.cc/427V-HM6Q]. Lulu raised $6 million
in venture funding and was acquired by Badoo in 2016. Id.
100. Christine Elgersma, Tinder and 7 More Dating Apps Teens Are Using, COMMON SENSE
MEDIA (Feb. 12, 2019), https://www.commonsensemedia.org/blog/tinder-and-7-more-dating-
apps-teens-are-using [https://perma.cc/PVT4-4659]. Teenagers can access some of these apps
via Facebook. Id.
101. Id.
102. Germain, supra note 99.1780 WILLIAM & MARY LAW REVIEW [Vol. 62:1763 Tinder were when the company complied with her request for her records as required by the General Data Protection Regulation (GDPR).103 The company returned eight hundred pages detailing her activities and interactions.104 A review of the 1,700 messages Duportail sent through the app revealed her “hopes, fears, sexual preferences and deepest secrets.”105 All of this intimate information is ripe for exploitation and dis- closure.106 In some cases, this data may appear in the profiles of potential matches.107 As explored below, it may be shared with advertisers and other firms.108 And firms’ data collections may be inadequately secured and stolen. Hackers have targeted dating services to steal intimate 103. Regulation (EU) 2016/679 of the European Parliament and of the Council on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of Such Data, and Repealing Directive 95/46/EC (General Data Protection Regulation), 2016 O.J. (L 119) 1 [hereinafter GDPR]. 104. Judith Duportail, I Asked Tinder for My Data. It Sent Me 800 Pages of My Deepest, Darkest Secrets, GUARDIAN (Sept. 26, 2017, 2:10 AM), https://www.theguardian.com/technol ogy/2017/sep/26/tinder-personal-data-dating-app-messages-hacked-sold [https://perma.cc/ WS2Z-U2J2]. The documents included Duportail’s Facebook likes and number of friends, links to her Instagram photos, her education, the age-range of men she was interested in, the number of times she opened the app, the number of people she matched with, and where and when each conversation with a match took place. Id. Facebook started a dating app in 2019. Nathan Sharp, It’s Facebook Official, Dating Is Here, FACEBOOK (Sept. 5, 2019), https://about. fb.com/news/2019/09/facebook-dating/ [https://perma.cc/Q5CZ-QKVD] (announcing the launch of Facebook’s dating app); see also Charlie Warzel, Don’t Trust Facebook With Your Love Life, N.Y. TIMES (Sept. 5, 2019), https://www.nytimes.com/2019/09/05/opinion/facebook-dating- app.html [https://perma.cc/H45K-UPG4]. 105. Duportail, supra note 104. 106. Id. (“Tinder’s privacy policy clearly states: ‘you should not expect that your personal information, chats, or other communications will always remain secure.’”); see also Privacy Policy, TINDER, https://www.gotinder.com/privacy [https://perma.cc/8UL2-TFVN] (“As with all technology companies, although we take steps to secure your information, we do not promise, and you should not expect, that your personal information will always remain secure.”). 107. In 2016, Danish researchers refused to anonymize a data set containing 70,000 OK Cupid users’ “usernames, age, gender, location, what kind of relationship (or sex) they’re interested in, personality traits, and answers to thousands of profiling questions.” Zimmer, supra note 99. The researchers argued that the information was already “publicly available,” though Zimmer notes that this is not entirely accurate. Id. “Since OkCupid users have the option to restrict the visibility of their profiles to logged-in users only, it is likely the research- ers collected—and subsequently released—profiles that were intended to not be publicly viewable.” Id. (emphasis omitted). 108. See infra Part I.B.
2021] A NEW COMPACT FOR SEXUAL PRIVACY 1781 information in order to blackmail and extort subscribers.109 In 2015, a data breach resulted in hackers publishing online the personal details of subscribers to Ashley Madison, a site for people seeking extramarital affairs. Millions of subscribers’ names, emails, sexual preferences, and sexual desires were posted online in a searchable format.110 Criminals continue to use the intimate information shared with Ashley Madison in extortion schemes.111 Membership of or browsing on particular dating sites may reveal someone’s sexual preferences and habits.112 In October 2016, hackers obtained 412 million account records from Friend Finder Networks.113 The information exposed included “email addresses, 109. Lily Hay Newman, Hacks, Nudes, and Breaches: It’s Been a Rough Month for Dating Apps, WIRED (Feb. 15, 2019, 4:44 PM), https://www.wired.com/story/ok-cupid-dating-apps- hacks-breaches-security/ [https://perma.cc/SE99-ZWPS] (“The same factors that make dating sites an appealing target for hackers also make them useful for romance scams: It’s easier to assess and approach people on a site that are already meant for sharing information with strangers.”). 110. Zak Doffman, Ashley Madison Hack Returns to ‘Haunt’ Its Victims: 32 Million Users Now Watch and Wait, MEDIUM (Feb. 1, 2020, 7:06 AM), https://www.forbes.com/sites/zakdoff man/2020/02/01/ashley-madison-hack-returns-to-haunt-its-victims-32-million-users-now-have- to-watch-and-wait/#6151c2395677 [https://perma.cc/6QNP-NHCU] (explaining that the Ashley Madison hack resulted in the leaking of intimate information of 32 million people). Ashley Madison touted its service as enabling “infidelity and married dating.” Kim Zetter, Hackers Finally Post Stolen Ashley Madison Data, WIRED (Aug. 18, 2015, 5:55 PM), https://www.wired. com/2015/08/happened-hackers-posted-stolen-ashley-madison-data/ [https://perma.cc/P672- Z6YF]. The data released by hackers included names, passwords, addresses, and phone numbers submitted by users of the site. Id. Also included were users’ credit card transactions, revealing people’s real names and addresses. Id. The data dump revealed members’ sexual fantasies and desires, such as “I like lots of foreplay and stamina, fun, discretion, oral, even willingness to experiment.” Id. As Karen Levy wisely noted, “The real benefit of self-tracking is always to the company.... People are being asked to do this at a time when they’re incredibly vulnerable and may not have any sense where that data is being passed.” Harwell, supra note 9 (quoting Cornell professor Karen Levy). Nor do they realize how easy it is to re- identify such information. See id. 111. Doffman, supra note 110 (explaining that victims of Ashley Madison hack continue to receive emails with embarrassing details from the breach and with demands for bitcoin ransoms to be paid in “a limited amount of time”). 112. See, e.g., Cox, supra note 92; Michelle Broder Van Dyke, Pastor Exposed by Ashley Madison Hack Kills Himself, BUZZFEED NEWS (Sept. 8, 2015, 8:52 PM), https://www.buzz feednews.com/article/mbvd/pastor-exposed-by-ashley-madison-hack-commits-suicide [https:// perma.cc/HE5H-7GXB]. 113. Samuel Gibbs, Adult Friend Finder and Penthouse Hacked in Massive Personal Data Breach, GUARDIAN (Nov. 14, 2016, 6:21 AM), https://www.theguardian.com/technology/2016/ nov/14/adult-friend-finder-and-penthouse-hacked-in-largest-personal-data-breach-on-record [https://perma.cc/B56T-EWXS] (“Among the leaked account details were 78,301 US military email addresses, 5,650 US government email addresses and over 96 [million] Hotmail
1782 WILLIAM & MARY LAW REVIEW [Vol. 62:1763 passwords, dates of last visits, browser information, IP addresses and site membership status across sites run by Friend Finder Net- works,” including Adult Friend Finder, Cams.com, Penthouse.com, and three other sites.114 Three years later, a hacker obtained 250,000 “email addresses, usernames, IP addresses, and hashed passwords” from the Dutch sex-work forum Hookers.nl where “clients discuss[ed] their experiences with sex workers.”115 4. Personal Devices An array of devices records people’s intimate activities and interactions. Sex toys are obvious examples. We-Vibe, a networked vibrator, allows subscribers to control others’ devices via an app.116 The app also enables partners to communicate with each other via text or video chat.117 The Lioness vibrator similarly enables sub- scribers to live stream “what’s going on in the moment” and permits partners to remotely control the device.118 Companies sell Wi-Fi accounts. The [leak] ... also included the details of what appear to be almost 16 [million] deleted accounts.”). 114. Id. “This is not the first time Adult Friend Network has been hacked. In May 2015 the personal details of almost four million users were leaked by hackers, including their login details, emails, dates of birth, post codes, sexual preferences and whether they were seeking extramarital affairs.” Id. The inclusion of data from Penthouse.com in the 2016 breach was particularly concerning as Friend Finder Networks sold the site to Penthouse Global Media in February 2016. Id. 115. Samantha Cole & Joseph Cox, A Hacker Stole 250k User Account Details from a Dutch Sex Work Site, VICE: MOTHERBOARD (Oct. 10, 2019, 10:32 AM), https://www.vice.com/en_us/ article/d3a5gy/hacker-stole-user-account-details-from-a-dutch-sex-work-site-hookers-nl [https://perma.cc/R4V4-T7G7] (“Although prostitution is legal and regulated in the Nether- lands, people still seek anonymity when they’re buying services—whether from websites like Hookers.nl or in person at brothels.”); Thomas Brewster, Dutch Prostitution Site Hookers.nl Hacked—250,000 Users’ Data Leaked, FORBES (Oct. 10, 2019, 8:43 AM), https://www.forbes. com/sites/thomasbrewster/2019/10/10/dutch-prostitution-site-hookersnl-hacked--250000-users- data-leaked/?sh=41fadb1822f8 [https://perma.cc/WG74-VGUB] (“Dutch broadcaster NOS, which broke the story ... viewed some of the data and said it could determine some real names of users.”). 116. Musil, supra note 3. 117. Id. 118. Now You Can See Your Orgasm in Real Time, LIONESS (Apr. 15, 2019), https://blog. lioness.io/now-you-can-see-your-orgasm-in-real-time-359afbdfa6d0 [https://perma.cc/N8ST- BYE3]. We-Vibe recorded the dates and times of a vibrator’s use and the intensity and mode selected by subscribers without their consent, leading to a class action lawsuit discussed in Part II. See Amended Class Action Complaint & Demand for Jury Trial at 1-2, N.P. v. Standard Innovation Corp., Case No. 1:16-cv-8655 (E.D. Ill. Feb. 27, 2017).
2021] A NEW COMPACT FOR SEXUAL PRIVACY 1783 enabled butt plugs, vibrating masturbators for men, and devices for the penis that track thrusting.119 Like many consumer goods, internet-connected sex toys are not developed with privacy and secu- rity in mind.120 While voice-enabled personal assistants that listen to and record people’s activities are less obviously related to intimate life, they are no less important.121 Amazon’s Echo and other Alexa-enabled devices are marketed as in-home hubs for managing day-to-day tasks.122 They record people’s communications, storing them as voice recordings and text transcripts in the cloud.123 Amazon retains text transcripts even after subscribers choose to delete the saved audio files of their voice interactions with the device.124 According to researchers, voice-activated assistants, such as Alexa and Echo, do not only wake and record when subscribers say the “wake word.”125 Indeed, the systems are error prone and have recorded intimate conversations.126 Apple’s Siri has captured recordings of sexual encounters.127 Computer science researchers at Northeastern University conducted a study of smart speakers by exposing devices to three audiobooks and nine episodes of the 119. Emily Dreyfuss, Don’t Get Your Valentine an Internet-Connected Sex Toy, WIRED (Feb. 14, 2019, 10:02 AM), https://www.wired.com/story/internet-connected-sex-toys-security/ [https://perma.cc/ER73-9LFK]; Rebecca “Burt” Rose, How Fit Is Your Dick, Exactly? The Sex- Fit Ring Knows All the Answers, JEZEBEL (Aug. 8, 2014, 6:10 PM), https://jezebel.com/how-fit- is-your-dick-exactly-the-sexfit-ring-knows-al-1618065007 [https://perma.cc/YQX8-DBMR]. 120. See IoD Goals, INTERNET OF DONGS PROJECT, https://internetofdon.gs/about/ [https:// perma.cc/F9K8-M9RC]. Security researchers involved in “The Internet of Dongs Project” report on security vulnerabilities and work with companies interested in fixing problems. Id. The researchers have published guidance documents on the reporting of security vulnerabilities and ensuring secure software development lifecycle to prevent vulnerabilities from occurring in the first place. Vendor Resources, INTERNET OF DONGS PROJECT, https:// internetofdon.gs/vendor-resources/ [https://perma.cc/SK3H-WD3T]. 121. Alex Hern, Apple Contractors ‘Regularly Hear Confidential Details’ on Siri Recordings, GUARDIAN (July 26, 2019, 12:34 PM), https://www.theguardian.com/technology/2019/jul/26/ apple-contractors-regularly-hear-confidential-details-on-siri-recordings [https://perma.cc/ DB24-B927]. 122. Kelly & Statt, supra note 6. 123. Id. 124. Id. 125. Allen St. John, Smart Speakers that Listen When They Shouldn’t, CONSUMER REPS. (Aug. 29, 2019), https://www.consumerreports.org/smart-speakers/smart-speakers-that-listen- when-they-shouldnt/ [https://perma.cc/WK4T-2KH4]. 126. Id.; Hern, supra note 121. 127. Hern, supra note 121.
You can also read
